Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ipv6_sockglue.c
Go to the documentation of this file.
1 /*
2  * IPv6 BSD socket options interface
3  * Linux INET6 implementation
4  *
5  * Authors:
6  * Pedro Roque <[email protected]>
7  *
8  * Based on linux/net/ipv4/ip_sockglue.c
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License
12  * as published by the Free Software Foundation; either version
13  * 2 of the License, or (at your option) any later version.
14  *
15  * FIXME: Make the setsockopt code POSIX compliant: That is
16  *
17  * o Truncate getsockopt returns
18  * o Return an optlen of the truncated length if need be
19  *
20  * Changes:
21  * David L Stevens <[email protected]>:
22  * - added multicast source filtering API for MLDv2
23  */
24 
25 #include <linux/module.h>
26 #include <linux/capability.h>
27 #include <linux/errno.h>
28 #include <linux/types.h>
29 #include <linux/socket.h>
30 #include <linux/sockios.h>
31 #include <linux/net.h>
32 #include <linux/in6.h>
33 #include <linux/mroute6.h>
34 #include <linux/netdevice.h>
35 #include <linux/if_arp.h>
36 #include <linux/init.h>
37 #include <linux/sysctl.h>
38 #include <linux/netfilter.h>
39 #include <linux/slab.h>
40 
41 #include <net/sock.h>
42 #include <net/snmp.h>
43 #include <net/ipv6.h>
44 #include <net/ndisc.h>
45 #include <net/protocol.h>
46 #include <net/transp_v6.h>
47 #include <net/ip6_route.h>
48 #include <net/addrconf.h>
49 #include <net/inet_common.h>
50 #include <net/tcp.h>
51 #include <net/udp.h>
52 #include <net/udplite.h>
53 #include <net/xfrm.h>
54 #include <net/compat.h>
55 
56 #include <asm/uaccess.h>
57 
58 struct ip6_ra_chain *ip6_ra_chain;
59 DEFINE_RWLOCK(ip6_ra_lock);
60 
61 int ip6_ra_control(struct sock *sk, int sel)
62 {
63  struct ip6_ra_chain *ra, *new_ra, **rap;
64 
65  /* RA packet may be delivered ONLY to IPPROTO_RAW socket */
66  if (sk->sk_type != SOCK_RAW || inet_sk(sk)->inet_num != IPPROTO_RAW)
67  return -ENOPROTOOPT;
68 
69  new_ra = (sel>=0) ? kmalloc(sizeof(*new_ra), GFP_KERNEL) : NULL;
70 
71  write_lock_bh(&ip6_ra_lock);
72  for (rap = &ip6_ra_chain; (ra=*rap) != NULL; rap = &ra->next) {
73  if (ra->sk == sk) {
74  if (sel>=0) {
75  write_unlock_bh(&ip6_ra_lock);
76  kfree(new_ra);
77  return -EADDRINUSE;
78  }
79 
80  *rap = ra->next;
81  write_unlock_bh(&ip6_ra_lock);
82 
83  sock_put(sk);
84  kfree(ra);
85  return 0;
86  }
87  }
88  if (new_ra == NULL) {
89  write_unlock_bh(&ip6_ra_lock);
90  return -ENOBUFS;
91  }
92  new_ra->sk = sk;
93  new_ra->sel = sel;
94  new_ra->next = ra;
95  *rap = new_ra;
96  sock_hold(sk);
97  write_unlock_bh(&ip6_ra_lock);
98  return 0;
99 }
100 
101 static
102 struct ipv6_txoptions *ipv6_update_options(struct sock *sk,
103  struct ipv6_txoptions *opt)
104 {
105  if (inet_sk(sk)->is_icsk) {
106  if (opt &&
107  !((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) &&
108  inet_sk(sk)->inet_daddr != LOOPBACK4_IPV6) {
109  struct inet_connection_sock *icsk = inet_csk(sk);
110  icsk->icsk_ext_hdr_len = opt->opt_flen + opt->opt_nflen;
111  icsk->icsk_sync_mss(sk, icsk->icsk_pmtu_cookie);
112  }
113  opt = xchg(&inet6_sk(sk)->opt, opt);
114  } else {
115  spin_lock(&sk->sk_dst_lock);
116  opt = xchg(&inet6_sk(sk)->opt, opt);
117  spin_unlock(&sk->sk_dst_lock);
118  }
119  sk_dst_reset(sk);
120 
121  return opt;
122 }
123 
124 static int do_ipv6_setsockopt(struct sock *sk, int level, int optname,
125  char __user *optval, unsigned int optlen)
126 {
127  struct ipv6_pinfo *np = inet6_sk(sk);
128  struct net *net = sock_net(sk);
129  int val, valbool;
130  int retv = -ENOPROTOOPT;
131 
132  if (optval == NULL)
133  val=0;
134  else {
135  if (optlen >= sizeof(int)) {
136  if (get_user(val, (int __user *) optval))
137  return -EFAULT;
138  } else
139  val = 0;
140  }
141 
142  valbool = (val!=0);
143 
144  if (ip6_mroute_opt(optname))
145  return ip6_mroute_setsockopt(sk, optname, optval, optlen);
146 
147  lock_sock(sk);
148 
149  switch (optname) {
150 
151  case IPV6_ADDRFORM:
152  if (optlen < sizeof(int))
153  goto e_inval;
154  if (val == PF_INET) {
155  struct ipv6_txoptions *opt;
156  struct sk_buff *pktopt;
157 
158  if (sk->sk_type == SOCK_RAW)
159  break;
160 
161  if (sk->sk_protocol == IPPROTO_UDP ||
162  sk->sk_protocol == IPPROTO_UDPLITE) {
163  struct udp_sock *up = udp_sk(sk);
164  if (up->pending == AF_INET6) {
165  retv = -EBUSY;
166  break;
167  }
168  } else if (sk->sk_protocol != IPPROTO_TCP)
169  break;
170 
171  if (sk->sk_state != TCP_ESTABLISHED) {
172  retv = -ENOTCONN;
173  break;
174  }
175 
176  if (ipv6_only_sock(sk) ||
177  !ipv6_addr_v4mapped(&np->daddr)) {
178  retv = -EADDRNOTAVAIL;
179  break;
180  }
181 
182  fl6_free_socklist(sk);
183  ipv6_sock_mc_close(sk);
184 
185  /*
186  * Sock is moving from IPv6 to IPv4 (sk_prot), so
187  * remove it from the refcnt debug socks count in the
188  * original family...
189  */
190  sk_refcnt_debug_dec(sk);
191 
192  if (sk->sk_protocol == IPPROTO_TCP) {
193  struct inet_connection_sock *icsk = inet_csk(sk);
194  local_bh_disable();
195  sock_prot_inuse_add(net, sk->sk_prot, -1);
196  sock_prot_inuse_add(net, &tcp_prot, 1);
197  local_bh_enable();
198  sk->sk_prot = &tcp_prot;
199  icsk->icsk_af_ops = &ipv4_specific;
200  sk->sk_socket->ops = &inet_stream_ops;
201  sk->sk_family = PF_INET;
202  tcp_sync_mss(sk, icsk->icsk_pmtu_cookie);
203  } else {
204  struct proto *prot = &udp_prot;
205 
206  if (sk->sk_protocol == IPPROTO_UDPLITE)
207  prot = &udplite_prot;
208  local_bh_disable();
209  sock_prot_inuse_add(net, sk->sk_prot, -1);
210  sock_prot_inuse_add(net, prot, 1);
211  local_bh_enable();
212  sk->sk_prot = prot;
213  sk->sk_socket->ops = &inet_dgram_ops;
214  sk->sk_family = PF_INET;
215  }
216  opt = xchg(&np->opt, NULL);
217  if (opt)
218  sock_kfree_s(sk, opt, opt->tot_len);
219  pktopt = xchg(&np->pktoptions, NULL);
220  kfree_skb(pktopt);
221 
222  sk->sk_destruct = inet_sock_destruct;
223  /*
224  * ... and add it to the refcnt debug socks count
225  * in the new family. -acme
226  */
227  sk_refcnt_debug_inc(sk);
228  module_put(THIS_MODULE);
229  retv = 0;
230  break;
231  }
232  goto e_inval;
233 
234  case IPV6_V6ONLY:
235  if (optlen < sizeof(int) ||
236  inet_sk(sk)->inet_num)
237  goto e_inval;
238  np->ipv6only = valbool;
239  retv = 0;
240  break;
241 
242  case IPV6_RECVPKTINFO:
243  if (optlen < sizeof(int))
244  goto e_inval;
245  np->rxopt.bits.rxinfo = valbool;
246  retv = 0;
247  break;
248 
249  case IPV6_2292PKTINFO:
250  if (optlen < sizeof(int))
251  goto e_inval;
252  np->rxopt.bits.rxoinfo = valbool;
253  retv = 0;
254  break;
255 
256  case IPV6_RECVHOPLIMIT:
257  if (optlen < sizeof(int))
258  goto e_inval;
259  np->rxopt.bits.rxhlim = valbool;
260  retv = 0;
261  break;
262 
263  case IPV6_2292HOPLIMIT:
264  if (optlen < sizeof(int))
265  goto e_inval;
266  np->rxopt.bits.rxohlim = valbool;
267  retv = 0;
268  break;
269 
270  case IPV6_RECVRTHDR:
271  if (optlen < sizeof(int))
272  goto e_inval;
273  np->rxopt.bits.srcrt = valbool;
274  retv = 0;
275  break;
276 
277  case IPV6_2292RTHDR:
278  if (optlen < sizeof(int))
279  goto e_inval;
280  np->rxopt.bits.osrcrt = valbool;
281  retv = 0;
282  break;
283 
284  case IPV6_RECVHOPOPTS:
285  if (optlen < sizeof(int))
286  goto e_inval;
287  np->rxopt.bits.hopopts = valbool;
288  retv = 0;
289  break;
290 
291  case IPV6_2292HOPOPTS:
292  if (optlen < sizeof(int))
293  goto e_inval;
294  np->rxopt.bits.ohopopts = valbool;
295  retv = 0;
296  break;
297 
298  case IPV6_RECVDSTOPTS:
299  if (optlen < sizeof(int))
300  goto e_inval;
301  np->rxopt.bits.dstopts = valbool;
302  retv = 0;
303  break;
304 
305  case IPV6_2292DSTOPTS:
306  if (optlen < sizeof(int))
307  goto e_inval;
308  np->rxopt.bits.odstopts = valbool;
309  retv = 0;
310  break;
311 
312  case IPV6_TCLASS:
313  if (optlen < sizeof(int))
314  goto e_inval;
315  if (val < -1 || val > 0xff)
316  goto e_inval;
317  /* RFC 3542, 6.5: default traffic class of 0x0 */
318  if (val == -1)
319  val = 0;
320  np->tclass = val;
321  retv = 0;
322  break;
323 
324  case IPV6_RECVTCLASS:
325  if (optlen < sizeof(int))
326  goto e_inval;
327  np->rxopt.bits.rxtclass = valbool;
328  retv = 0;
329  break;
330 
331  case IPV6_FLOWINFO:
332  if (optlen < sizeof(int))
333  goto e_inval;
334  np->rxopt.bits.rxflow = valbool;
335  retv = 0;
336  break;
337 
338  case IPV6_RECVPATHMTU:
339  if (optlen < sizeof(int))
340  goto e_inval;
341  np->rxopt.bits.rxpmtu = valbool;
342  retv = 0;
343  break;
344 
345  case IPV6_TRANSPARENT:
346  if (valbool && !capable(CAP_NET_ADMIN) && !capable(CAP_NET_RAW)) {
347  retv = -EPERM;
348  break;
349  }
350  if (optlen < sizeof(int))
351  goto e_inval;
352  /* we don't have a separate transparent bit for IPV6 we use the one in the IPv4 socket */
353  inet_sk(sk)->transparent = valbool;
354  retv = 0;
355  break;
356 
357  case IPV6_RECVORIGDSTADDR:
358  if (optlen < sizeof(int))
359  goto e_inval;
360  np->rxopt.bits.rxorigdstaddr = valbool;
361  retv = 0;
362  break;
363 
364  case IPV6_HOPOPTS:
365  case IPV6_RTHDRDSTOPTS:
366  case IPV6_RTHDR:
367  case IPV6_DSTOPTS:
368  {
369  struct ipv6_txoptions *opt;
370 
371  /* remove any sticky options header with a zero option
372  * length, per RFC3542.
373  */
374  if (optlen == 0)
375  optval = NULL;
376  else if (optval == NULL)
377  goto e_inval;
378  else if (optlen < sizeof(struct ipv6_opt_hdr) ||
379  optlen & 0x7 || optlen > 8 * 255)
380  goto e_inval;
381 
382  /* hop-by-hop / destination options are privileged option */
383  retv = -EPERM;
384  if (optname != IPV6_RTHDR && !capable(CAP_NET_RAW))
385  break;
386 
387  opt = ipv6_renew_options(sk, np->opt, optname,
388  (struct ipv6_opt_hdr __user *)optval,
389  optlen);
390  if (IS_ERR(opt)) {
391  retv = PTR_ERR(opt);
392  break;
393  }
394 
395  /* routing header option needs extra check */
396  retv = -EINVAL;
397  if (optname == IPV6_RTHDR && opt && opt->srcrt) {
398  struct ipv6_rt_hdr *rthdr = opt->srcrt;
399  switch (rthdr->type) {
400 #if defined(CONFIG_IPV6_MIP6) || defined(CONFIG_IPV6_MIP6_MODULE)
401  case IPV6_SRCRT_TYPE_2:
402  if (rthdr->hdrlen != 2 ||
403  rthdr->segments_left != 1)
404  goto sticky_done;
405 
406  break;
407 #endif
408  default:
409  goto sticky_done;
410  }
411  }
412 
413  retv = 0;
414  opt = ipv6_update_options(sk, opt);
415 sticky_done:
416  if (opt)
417  sock_kfree_s(sk, opt, opt->tot_len);
418  break;
419  }
420 
421  case IPV6_PKTINFO:
422  {
423  struct in6_pktinfo pkt;
424 
425  if (optlen == 0)
426  goto e_inval;
427  else if (optlen < sizeof(struct in6_pktinfo) || optval == NULL)
428  goto e_inval;
429 
430  if (copy_from_user(&pkt, optval, sizeof(struct in6_pktinfo))) {
431  retv = -EFAULT;
432  break;
433  }
434  if (sk->sk_bound_dev_if && pkt.ipi6_ifindex != sk->sk_bound_dev_if)
435  goto e_inval;
436 
437  np->sticky_pktinfo.ipi6_ifindex = pkt.ipi6_ifindex;
438  np->sticky_pktinfo.ipi6_addr = pkt.ipi6_addr;
439  retv = 0;
440  break;
441  }
442 
443  case IPV6_2292PKTOPTIONS:
444  {
445  struct ipv6_txoptions *opt = NULL;
446  struct msghdr msg;
447  struct flowi6 fl6;
448  int junk;
449 
450  memset(&fl6, 0, sizeof(fl6));
451  fl6.flowi6_oif = sk->sk_bound_dev_if;
452  fl6.flowi6_mark = sk->sk_mark;
453 
454  if (optlen == 0)
455  goto update;
456 
457  /* 1K is probably excessive
458  * 1K is surely not enough, 2K per standard header is 16K.
459  */
460  retv = -EINVAL;
461  if (optlen > 64*1024)
462  break;
463 
464  opt = sock_kmalloc(sk, sizeof(*opt) + optlen, GFP_KERNEL);
465  retv = -ENOBUFS;
466  if (opt == NULL)
467  break;
468 
469  memset(opt, 0, sizeof(*opt));
470  opt->tot_len = sizeof(*opt) + optlen;
471  retv = -EFAULT;
472  if (copy_from_user(opt+1, optval, optlen))
473  goto done;
474 
475  msg.msg_controllen = optlen;
476  msg.msg_control = (void*)(opt+1);
477 
478  retv = datagram_send_ctl(net, sk, &msg, &fl6, opt, &junk, &junk,
479  &junk);
480  if (retv)
481  goto done;
482 update:
483  retv = 0;
484  opt = ipv6_update_options(sk, opt);
485 done:
486  if (opt)
487  sock_kfree_s(sk, opt, opt->tot_len);
488  break;
489  }
490  case IPV6_UNICAST_HOPS:
491  if (optlen < sizeof(int))
492  goto e_inval;
493  if (val > 255 || val < -1)
494  goto e_inval;
495  np->hop_limit = val;
496  retv = 0;
497  break;
498 
499  case IPV6_MULTICAST_HOPS:
500  if (sk->sk_type == SOCK_STREAM)
501  break;
502  if (optlen < sizeof(int))
503  goto e_inval;
504  if (val > 255 || val < -1)
505  goto e_inval;
506  np->mcast_hops = (val == -1 ? IPV6_DEFAULT_MCASTHOPS : val);
507  retv = 0;
508  break;
509 
510  case IPV6_MULTICAST_LOOP:
511  if (optlen < sizeof(int))
512  goto e_inval;
513  if (val != valbool)
514  goto e_inval;
515  np->mc_loop = valbool;
516  retv = 0;
517  break;
518 
519  case IPV6_UNICAST_IF:
520  {
521  struct net_device *dev = NULL;
522  int ifindex;
523 
524  if (optlen != sizeof(int))
525  goto e_inval;
526 
527  ifindex = (__force int)ntohl((__force __be32)val);
528  if (ifindex == 0) {
529  np->ucast_oif = 0;
530  retv = 0;
531  break;
532  }
533 
534  dev = dev_get_by_index(net, ifindex);
535  retv = -EADDRNOTAVAIL;
536  if (!dev)
537  break;
538  dev_put(dev);
539 
540  retv = -EINVAL;
541  if (sk->sk_bound_dev_if)
542  break;
543 
544  np->ucast_oif = ifindex;
545  retv = 0;
546  break;
547  }
548 
549  case IPV6_MULTICAST_IF:
550  if (sk->sk_type == SOCK_STREAM)
551  break;
552  if (optlen < sizeof(int))
553  goto e_inval;
554 
555  if (val) {
556  struct net_device *dev;
557 
558  if (sk->sk_bound_dev_if && sk->sk_bound_dev_if != val)
559  goto e_inval;
560 
561  dev = dev_get_by_index(net, val);
562  if (!dev) {
563  retv = -ENODEV;
564  break;
565  }
566  dev_put(dev);
567  }
568  np->mcast_oif = val;
569  retv = 0;
570  break;
571  case IPV6_ADD_MEMBERSHIP:
572  case IPV6_DROP_MEMBERSHIP:
573  {
574  struct ipv6_mreq mreq;
575 
576  if (optlen < sizeof(struct ipv6_mreq))
577  goto e_inval;
578 
579  retv = -EPROTO;
580  if (inet_sk(sk)->is_icsk)
581  break;
582 
583  retv = -EFAULT;
584  if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
585  break;
586 
587  if (optname == IPV6_ADD_MEMBERSHIP)
588  retv = ipv6_sock_mc_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
589  else
590  retv = ipv6_sock_mc_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_multiaddr);
591  break;
592  }
593  case IPV6_JOIN_ANYCAST:
594  case IPV6_LEAVE_ANYCAST:
595  {
596  struct ipv6_mreq mreq;
597 
598  if (optlen < sizeof(struct ipv6_mreq))
599  goto e_inval;
600 
601  retv = -EFAULT;
602  if (copy_from_user(&mreq, optval, sizeof(struct ipv6_mreq)))
603  break;
604 
605  if (optname == IPV6_JOIN_ANYCAST)
606  retv = ipv6_sock_ac_join(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
607  else
608  retv = ipv6_sock_ac_drop(sk, mreq.ipv6mr_ifindex, &mreq.ipv6mr_acaddr);
609  break;
610  }
611  case MCAST_JOIN_GROUP:
612  case MCAST_LEAVE_GROUP:
613  {
614  struct group_req greq;
615  struct sockaddr_in6 *psin6;
616 
617  if (optlen < sizeof(struct group_req))
618  goto e_inval;
619 
620  retv = -EFAULT;
621  if (copy_from_user(&greq, optval, sizeof(struct group_req)))
622  break;
623  if (greq.gr_group.ss_family != AF_INET6) {
624  retv = -EADDRNOTAVAIL;
625  break;
626  }
627  psin6 = (struct sockaddr_in6 *)&greq.gr_group;
628  if (optname == MCAST_JOIN_GROUP)
629  retv = ipv6_sock_mc_join(sk, greq.gr_interface,
630  &psin6->sin6_addr);
631  else
632  retv = ipv6_sock_mc_drop(sk, greq.gr_interface,
633  &psin6->sin6_addr);
634  break;
635  }
636  case MCAST_JOIN_SOURCE_GROUP:
637  case MCAST_LEAVE_SOURCE_GROUP:
638  case MCAST_BLOCK_SOURCE:
639  case MCAST_UNBLOCK_SOURCE:
640  {
641  struct group_source_req greqs;
642  int omode, add;
643 
644  if (optlen < sizeof(struct group_source_req))
645  goto e_inval;
646  if (copy_from_user(&greqs, optval, sizeof(greqs))) {
647  retv = -EFAULT;
648  break;
649  }
650  if (greqs.gsr_group.ss_family != AF_INET6 ||
651  greqs.gsr_source.ss_family != AF_INET6) {
652  retv = -EADDRNOTAVAIL;
653  break;
654  }
655  if (optname == MCAST_BLOCK_SOURCE) {
656  omode = MCAST_EXCLUDE;
657  add = 1;
658  } else if (optname == MCAST_UNBLOCK_SOURCE) {
659  omode = MCAST_EXCLUDE;
660  add = 0;
661  } else if (optname == MCAST_JOIN_SOURCE_GROUP) {
662  struct sockaddr_in6 *psin6;
663 
664  psin6 = (struct sockaddr_in6 *)&greqs.gsr_group;
665  retv = ipv6_sock_mc_join(sk, greqs.gsr_interface,
666  &psin6->sin6_addr);
667  /* prior join w/ different source is ok */
668  if (retv && retv != -EADDRINUSE)
669  break;
670  omode = MCAST_INCLUDE;
671  add = 1;
672  } else /* MCAST_LEAVE_SOURCE_GROUP */ {
673  omode = MCAST_INCLUDE;
674  add = 0;
675  }
676  retv = ip6_mc_source(add, omode, sk, &greqs);
677  break;
678  }
679  case MCAST_MSFILTER:
680  {
681  struct group_filter *gsf;
682 
683  if (optlen < GROUP_FILTER_SIZE(0))
684  goto e_inval;
685  if (optlen > sysctl_optmem_max) {
686  retv = -ENOBUFS;
687  break;
688  }
689  gsf = kmalloc(optlen,GFP_KERNEL);
690  if (!gsf) {
691  retv = -ENOBUFS;
692  break;
693  }
694  retv = -EFAULT;
695  if (copy_from_user(gsf, optval, optlen)) {
696  kfree(gsf);
697  break;
698  }
699  /* numsrc >= (4G-140)/128 overflow in 32 bits */
700  if (gsf->gf_numsrc >= 0x1ffffffU ||
701  gsf->gf_numsrc > sysctl_mld_max_msf) {
702  kfree(gsf);
703  retv = -ENOBUFS;
704  break;
705  }
706  if (GROUP_FILTER_SIZE(gsf->gf_numsrc) > optlen) {
707  kfree(gsf);
708  retv = -EINVAL;
709  break;
710  }
711  retv = ip6_mc_msfilter(sk, gsf);
712  kfree(gsf);
713 
714  break;
715  }
716  case IPV6_ROUTER_ALERT:
717  if (optlen < sizeof(int))
718  goto e_inval;
719  retv = ip6_ra_control(sk, val);
720  break;
721  case IPV6_MTU_DISCOVER:
722  if (optlen < sizeof(int))
723  goto e_inval;
724  if (val < IP_PMTUDISC_DONT || val > IP_PMTUDISC_PROBE)
725  goto e_inval;
726  np->pmtudisc = val;
727  retv = 0;
728  break;
729  case IPV6_MTU:
730  if (optlen < sizeof(int))
731  goto e_inval;
732  if (val && val < IPV6_MIN_MTU)
733  goto e_inval;
734  np->frag_size = val;
735  retv = 0;
736  break;
737  case IPV6_RECVERR:
738  if (optlen < sizeof(int))
739  goto e_inval;
740  np->recverr = valbool;
741  if (!val)
742  skb_queue_purge(&sk->sk_error_queue);
743  retv = 0;
744  break;
745  case IPV6_FLOWINFO_SEND:
746  if (optlen < sizeof(int))
747  goto e_inval;
748  np->sndflow = valbool;
749  retv = 0;
750  break;
751  case IPV6_FLOWLABEL_MGR:
752  retv = ipv6_flowlabel_opt(sk, optval, optlen);
753  break;
754  case IPV6_IPSEC_POLICY:
755  case IPV6_XFRM_POLICY:
756  retv = -EPERM;
757  if (!capable(CAP_NET_ADMIN))
758  break;
759  retv = xfrm_user_policy(sk, optname, optval, optlen);
760  break;
761 
762  case IPV6_ADDR_PREFERENCES:
763  {
764  unsigned int pref = 0;
765  unsigned int prefmask = ~0;
766 
767  if (optlen < sizeof(int))
768  goto e_inval;
769 
770  retv = -EINVAL;
771 
772  /* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */
773  switch (val & (IPV6_PREFER_SRC_PUBLIC|
774  IPV6_PREFER_SRC_TMP|
775  IPV6_PREFER_SRC_PUBTMP_DEFAULT)) {
776  case IPV6_PREFER_SRC_PUBLIC:
777  pref |= IPV6_PREFER_SRC_PUBLIC;
778  break;
779  case IPV6_PREFER_SRC_TMP:
780  pref |= IPV6_PREFER_SRC_TMP;
781  break;
782  case IPV6_PREFER_SRC_PUBTMP_DEFAULT:
783  break;
784  case 0:
785  goto pref_skip_pubtmp;
786  default:
787  goto e_inval;
788  }
789 
790  prefmask &= ~(IPV6_PREFER_SRC_PUBLIC|
791  IPV6_PREFER_SRC_TMP);
792 pref_skip_pubtmp:
793 
794  /* check HOME/COA conflicts */
795  switch (val & (IPV6_PREFER_SRC_HOME|IPV6_PREFER_SRC_COA)) {
796  case IPV6_PREFER_SRC_HOME:
797  break;
798  case IPV6_PREFER_SRC_COA:
799  pref |= IPV6_PREFER_SRC_COA;
800  case 0:
801  goto pref_skip_coa;
802  default:
803  goto e_inval;
804  }
805 
806  prefmask &= ~IPV6_PREFER_SRC_COA;
807 pref_skip_coa:
808 
809  /* check CGA/NONCGA conflicts */
810  switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) {
811  case IPV6_PREFER_SRC_CGA:
812  case IPV6_PREFER_SRC_NONCGA:
813  case 0:
814  break;
815  default:
816  goto e_inval;
817  }
818 
819  np->srcprefs = (np->srcprefs & prefmask) | pref;
820  retv = 0;
821 
822  break;
823  }
824  case IPV6_MINHOPCOUNT:
825  if (optlen < sizeof(int))
826  goto e_inval;
827  if (val < 0 || val > 255)
828  goto e_inval;
829  np->min_hopcount = val;
830  retv = 0;
831  break;
832  case IPV6_DONTFRAG:
833  np->dontfrag = valbool;
834  retv = 0;
835  break;
836  }
837 
838  release_sock(sk);
839 
840  return retv;
841 
842 e_inval:
843  release_sock(sk);
844  return -EINVAL;
845 }
846 
847 int ipv6_setsockopt(struct sock *sk, int level, int optname,
848  char __user *optval, unsigned int optlen)
849 {
850  int err;
851 
852  if (level == SOL_IP && sk->sk_type != SOCK_RAW)
853  return udp_prot.setsockopt(sk, level, optname, optval, optlen);
854 
855  if (level != SOL_IPV6)
856  return -ENOPROTOOPT;
857 
858  err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
859 #ifdef CONFIG_NETFILTER
860  /* we need to exclude all possible ENOPROTOOPTs except default case */
861  if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
862  optname != IPV6_XFRM_POLICY) {
863  lock_sock(sk);
864  err = nf_setsockopt(sk, PF_INET6, optname, optval,
865  optlen);
866  release_sock(sk);
867  }
868 #endif
869  return err;
870 }
871 
872 EXPORT_SYMBOL(ipv6_setsockopt);
873 
874 #ifdef CONFIG_COMPAT
875 int compat_ipv6_setsockopt(struct sock *sk, int level, int optname,
876  char __user *optval, unsigned int optlen)
877 {
878  int err;
879 
880  if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
881  if (udp_prot.compat_setsockopt != NULL)
882  return udp_prot.compat_setsockopt(sk, level, optname,
883  optval, optlen);
884  return udp_prot.setsockopt(sk, level, optname, optval, optlen);
885  }
886 
887  if (level != SOL_IPV6)
888  return -ENOPROTOOPT;
889 
890  if (optname >= MCAST_JOIN_GROUP && optname <= MCAST_MSFILTER)
891  return compat_mc_setsockopt(sk, level, optname, optval, optlen,
892  ipv6_setsockopt);
893 
894  err = do_ipv6_setsockopt(sk, level, optname, optval, optlen);
895 #ifdef CONFIG_NETFILTER
896  /* we need to exclude all possible ENOPROTOOPTs except default case */
897  if (err == -ENOPROTOOPT && optname != IPV6_IPSEC_POLICY &&
898  optname != IPV6_XFRM_POLICY) {
899  lock_sock(sk);
900  err = compat_nf_setsockopt(sk, PF_INET6, optname,
901  optval, optlen);
902  release_sock(sk);
903  }
904 #endif
905  return err;
906 }
907 
908 EXPORT_SYMBOL(compat_ipv6_setsockopt);
909 #endif
910 
911 static int ipv6_getsockopt_sticky(struct sock *sk, struct ipv6_txoptions *opt,
912  int optname, char __user *optval, int len)
913 {
914  struct ipv6_opt_hdr *hdr;
915 
916  if (!opt)
917  return 0;
918 
919  switch(optname) {
920  case IPV6_HOPOPTS:
921  hdr = opt->hopopt;
922  break;
923  case IPV6_RTHDRDSTOPTS:
924  hdr = opt->dst0opt;
925  break;
926  case IPV6_RTHDR:
927  hdr = (struct ipv6_opt_hdr *)opt->srcrt;
928  break;
929  case IPV6_DSTOPTS:
930  hdr = opt->dst1opt;
931  break;
932  default:
933  return -EINVAL; /* should not happen */
934  }
935 
936  if (!hdr)
937  return 0;
938 
939  len = min_t(unsigned int, len, ipv6_optlen(hdr));
940  if (copy_to_user(optval, hdr, len))
941  return -EFAULT;
942  return len;
943 }
944 
945 static int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
946  char __user *optval, int __user *optlen, unsigned int flags)
947 {
948  struct ipv6_pinfo *np = inet6_sk(sk);
949  int len;
950  int val;
951 
952  if (ip6_mroute_opt(optname))
953  return ip6_mroute_getsockopt(sk, optname, optval, optlen);
954 
955  if (get_user(len, optlen))
956  return -EFAULT;
957  switch (optname) {
958  case IPV6_ADDRFORM:
959  if (sk->sk_protocol != IPPROTO_UDP &&
960  sk->sk_protocol != IPPROTO_UDPLITE &&
961  sk->sk_protocol != IPPROTO_TCP)
962  return -ENOPROTOOPT;
963  if (sk->sk_state != TCP_ESTABLISHED)
964  return -ENOTCONN;
965  val = sk->sk_family;
966  break;
967  case MCAST_MSFILTER:
968  {
969  struct group_filter gsf;
970  int err;
971 
972  if (len < GROUP_FILTER_SIZE(0))
973  return -EINVAL;
974  if (copy_from_user(&gsf, optval, GROUP_FILTER_SIZE(0)))
975  return -EFAULT;
976  if (gsf.gf_group.ss_family != AF_INET6)
977  return -EADDRNOTAVAIL;
978  lock_sock(sk);
979  err = ip6_mc_msfget(sk, &gsf,
980  (struct group_filter __user *)optval, optlen);
981  release_sock(sk);
982  return err;
983  }
984 
985  case IPV6_2292PKTOPTIONS:
986  {
987  struct msghdr msg;
988  struct sk_buff *skb;
989 
990  if (sk->sk_type != SOCK_STREAM)
991  return -ENOPROTOOPT;
992 
993  msg.msg_control = optval;
994  msg.msg_controllen = len;
995  msg.msg_flags = flags;
996 
997  lock_sock(sk);
998  skb = np->pktoptions;
999  if (skb)
1000  atomic_inc(&skb->users);
1001  release_sock(sk);
1002 
1003  if (skb) {
1004  int err = datagram_recv_ctl(sk, &msg, skb);
1005  kfree_skb(skb);
1006  if (err)
1007  return err;
1008  } else {
1009  if (np->rxopt.bits.rxinfo) {
1010  struct in6_pktinfo src_info;
1011  src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1012  np->sticky_pktinfo.ipi6_ifindex;
1013  src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr;
1014  put_cmsg(&msg, SOL_IPV6, IPV6_PKTINFO, sizeof(src_info), &src_info);
1015  }
1016  if (np->rxopt.bits.rxhlim) {
1017  int hlim = np->mcast_hops;
1018  put_cmsg(&msg, SOL_IPV6, IPV6_HOPLIMIT, sizeof(hlim), &hlim);
1019  }
1020  if (np->rxopt.bits.rxtclass) {
1021  int tclass = np->rcv_tclass;
1022  put_cmsg(&msg, SOL_IPV6, IPV6_TCLASS, sizeof(tclass), &tclass);
1023  }
1024  if (np->rxopt.bits.rxoinfo) {
1025  struct in6_pktinfo src_info;
1026  src_info.ipi6_ifindex = np->mcast_oif ? np->mcast_oif :
1027  np->sticky_pktinfo.ipi6_ifindex;
1028  src_info.ipi6_addr = np->mcast_oif ? np->daddr : np->sticky_pktinfo.ipi6_addr;
1029  put_cmsg(&msg, SOL_IPV6, IPV6_2292PKTINFO, sizeof(src_info), &src_info);
1030  }
1031  if (np->rxopt.bits.rxohlim) {
1032  int hlim = np->mcast_hops;
1033  put_cmsg(&msg, SOL_IPV6, IPV6_2292HOPLIMIT, sizeof(hlim), &hlim);
1034  }
1035  }
1036  len -= msg.msg_controllen;
1037  return put_user(len, optlen);
1038  }
1039  case IPV6_MTU:
1040  {
1041  struct dst_entry *dst;
1042 
1043  val = 0;
1044  rcu_read_lock();
1045  dst = __sk_dst_get(sk);
1046  if (dst)
1047  val = dst_mtu(dst);
1048  rcu_read_unlock();
1049  if (!val)
1050  return -ENOTCONN;
1051  break;
1052  }
1053 
1054  case IPV6_V6ONLY:
1055  val = np->ipv6only;
1056  break;
1057 
1058  case IPV6_RECVPKTINFO:
1059  val = np->rxopt.bits.rxinfo;
1060  break;
1061 
1062  case IPV6_2292PKTINFO:
1063  val = np->rxopt.bits.rxoinfo;
1064  break;
1065 
1066  case IPV6_RECVHOPLIMIT:
1067  val = np->rxopt.bits.rxhlim;
1068  break;
1069 
1070  case IPV6_2292HOPLIMIT:
1071  val = np->rxopt.bits.rxohlim;
1072  break;
1073 
1074  case IPV6_RECVRTHDR:
1075  val = np->rxopt.bits.srcrt;
1076  break;
1077 
1078  case IPV6_2292RTHDR:
1079  val = np->rxopt.bits.osrcrt;
1080  break;
1081 
1082  case IPV6_HOPOPTS:
1083  case IPV6_RTHDRDSTOPTS:
1084  case IPV6_RTHDR:
1085  case IPV6_DSTOPTS:
1086  {
1087 
1088  lock_sock(sk);
1089  len = ipv6_getsockopt_sticky(sk, np->opt,
1090  optname, optval, len);
1091  release_sock(sk);
1092  /* check if ipv6_getsockopt_sticky() returns err code */
1093  if (len < 0)
1094  return len;
1095  return put_user(len, optlen);
1096  }
1097 
1098  case IPV6_RECVHOPOPTS:
1099  val = np->rxopt.bits.hopopts;
1100  break;
1101 
1102  case IPV6_2292HOPOPTS:
1103  val = np->rxopt.bits.ohopopts;
1104  break;
1105 
1106  case IPV6_RECVDSTOPTS:
1107  val = np->rxopt.bits.dstopts;
1108  break;
1109 
1110  case IPV6_2292DSTOPTS:
1111  val = np->rxopt.bits.odstopts;
1112  break;
1113 
1114  case IPV6_TCLASS:
1115  val = np->tclass;
1116  break;
1117 
1118  case IPV6_RECVTCLASS:
1119  val = np->rxopt.bits.rxtclass;
1120  break;
1121 
1122  case IPV6_FLOWINFO:
1123  val = np->rxopt.bits.rxflow;
1124  break;
1125 
1126  case IPV6_RECVPATHMTU:
1127  val = np->rxopt.bits.rxpmtu;
1128  break;
1129 
1130  case IPV6_PATHMTU:
1131  {
1132  struct dst_entry *dst;
1133  struct ip6_mtuinfo mtuinfo;
1134 
1135  if (len < sizeof(mtuinfo))
1136  return -EINVAL;
1137 
1138  len = sizeof(mtuinfo);
1139  memset(&mtuinfo, 0, sizeof(mtuinfo));
1140 
1141  rcu_read_lock();
1142  dst = __sk_dst_get(sk);
1143  if (dst)
1144  mtuinfo.ip6m_mtu = dst_mtu(dst);
1145  rcu_read_unlock();
1146  if (!mtuinfo.ip6m_mtu)
1147  return -ENOTCONN;
1148 
1149  if (put_user(len, optlen))
1150  return -EFAULT;
1151  if (copy_to_user(optval, &mtuinfo, len))
1152  return -EFAULT;
1153 
1154  return 0;
1155  break;
1156  }
1157 
1158  case IPV6_TRANSPARENT:
1159  val = inet_sk(sk)->transparent;
1160  break;
1161 
1162  case IPV6_RECVORIGDSTADDR:
1163  val = np->rxopt.bits.rxorigdstaddr;
1164  break;
1165 
1166  case IPV6_UNICAST_HOPS:
1167  case IPV6_MULTICAST_HOPS:
1168  {
1169  struct dst_entry *dst;
1170 
1171  if (optname == IPV6_UNICAST_HOPS)
1172  val = np->hop_limit;
1173  else
1174  val = np->mcast_hops;
1175 
1176  if (val < 0) {
1177  rcu_read_lock();
1178  dst = __sk_dst_get(sk);
1179  if (dst)
1180  val = ip6_dst_hoplimit(dst);
1181  rcu_read_unlock();
1182  }
1183 
1184  if (val < 0)
1185  val = sock_net(sk)->ipv6.devconf_all->hop_limit;
1186  break;
1187  }
1188 
1189  case IPV6_MULTICAST_LOOP:
1190  val = np->mc_loop;
1191  break;
1192 
1193  case IPV6_MULTICAST_IF:
1194  val = np->mcast_oif;
1195  break;
1196 
1197  case IPV6_UNICAST_IF:
1198  val = (__force int)htonl((__u32) np->ucast_oif);
1199  break;
1200 
1201  case IPV6_MTU_DISCOVER:
1202  val = np->pmtudisc;
1203  break;
1204 
1205  case IPV6_RECVERR:
1206  val = np->recverr;
1207  break;
1208 
1209  case IPV6_FLOWINFO_SEND:
1210  val = np->sndflow;
1211  break;
1212 
1213  case IPV6_ADDR_PREFERENCES:
1214  val = 0;
1215 
1216  if (np->srcprefs & IPV6_PREFER_SRC_TMP)
1217  val |= IPV6_PREFER_SRC_TMP;
1218  else if (np->srcprefs & IPV6_PREFER_SRC_PUBLIC)
1219  val |= IPV6_PREFER_SRC_PUBLIC;
1220  else {
1221  /* XXX: should we return system default? */
1222  val |= IPV6_PREFER_SRC_PUBTMP_DEFAULT;
1223  }
1224 
1225  if (np->srcprefs & IPV6_PREFER_SRC_COA)
1226  val |= IPV6_PREFER_SRC_COA;
1227  else
1228  val |= IPV6_PREFER_SRC_HOME;
1229  break;
1230 
1231  case IPV6_MINHOPCOUNT:
1232  val = np->min_hopcount;
1233  break;
1234 
1235  case IPV6_DONTFRAG:
1236  val = np->dontfrag;
1237  break;
1238 
1239  default:
1240  return -ENOPROTOOPT;
1241  }
1242  len = min_t(unsigned int, sizeof(int), len);
1243  if(put_user(len, optlen))
1244  return -EFAULT;
1245  if(copy_to_user(optval,&val,len))
1246  return -EFAULT;
1247  return 0;
1248 }
1249 
1250 int ipv6_getsockopt(struct sock *sk, int level, int optname,
1251  char __user *optval, int __user *optlen)
1252 {
1253  int err;
1254 
1255  if (level == SOL_IP && sk->sk_type != SOCK_RAW)
1256  return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1257 
1258  if(level != SOL_IPV6)
1259  return -ENOPROTOOPT;
1260 
1261  err = do_ipv6_getsockopt(sk, level, optname, optval, optlen, 0);
1262 #ifdef CONFIG_NETFILTER
1263  /* we need to exclude all possible ENOPROTOOPTs except default case */
1264  if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1265  int len;
1266 
1267  if (get_user(len, optlen))
1268  return -EFAULT;
1269 
1270  lock_sock(sk);
1271  err = nf_getsockopt(sk, PF_INET6, optname, optval,
1272  &len);
1273  release_sock(sk);
1274  if (err >= 0)
1275  err = put_user(len, optlen);
1276  }
1277 #endif
1278  return err;
1279 }
1280 
1281 EXPORT_SYMBOL(ipv6_getsockopt);
1282 
1283 #ifdef CONFIG_COMPAT
1284 int compat_ipv6_getsockopt(struct sock *sk, int level, int optname,
1285  char __user *optval, int __user *optlen)
1286 {
1287  int err;
1288 
1289  if (level == SOL_IP && sk->sk_type != SOCK_RAW) {
1290  if (udp_prot.compat_getsockopt != NULL)
1291  return udp_prot.compat_getsockopt(sk, level, optname,
1292  optval, optlen);
1293  return udp_prot.getsockopt(sk, level, optname, optval, optlen);
1294  }
1295 
1296  if (level != SOL_IPV6)
1297  return -ENOPROTOOPT;
1298 
1299  if (optname == MCAST_MSFILTER)
1300  return compat_mc_getsockopt(sk, level, optname, optval, optlen,
1301  ipv6_getsockopt);
1302 
1303  err = do_ipv6_getsockopt(sk, level, optname, optval, optlen,
1304  MSG_CMSG_COMPAT);
1305 #ifdef CONFIG_NETFILTER
1306  /* we need to exclude all possible ENOPROTOOPTs except default case */
1307  if (err == -ENOPROTOOPT && optname != IPV6_2292PKTOPTIONS) {
1308  int len;
1309 
1310  if (get_user(len, optlen))
1311  return -EFAULT;
1312 
1313  lock_sock(sk);
1314  err = compat_nf_getsockopt(sk, PF_INET6,
1315  optname, optval, &len);
1316  release_sock(sk);
1317  if (err >= 0)
1318  err = put_user(len, optlen);
1319  }
1320 #endif
1321  return err;
1322 }
1323 
1324 EXPORT_SYMBOL(compat_ipv6_getsockopt);
1325 #endif
1326 
Generated on Thu Jan 10 2013 14:59:19 for Linux Kernel by   doxygen 1.8.2